X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fprofile_photo.php;h=984ebfed6f39fc27bfa6bc157d903e5be905953a;hb=7f143c3159615b4a10539447bcf250a5fca793a5;hp=a1428adc878d60b862962e2c6ec94472e5c7cfd3;hpb=66a103e36a42ab251fd9ca6c4b56b54380e4d535;p=friendica.git
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index a1428adc87..984ebfed6f 100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -8,7 +8,7 @@ use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Core\System; use Friendica\Core\Worker; -use Friendica\Database\DBM; +use Friendica\Database\DBA; use Friendica\Model\Contact; use Friendica\Model\Photo; use Friendica\Model\Profile;
@@ -25,7 +25,6 @@ function profile_photo_init(App $a) function profile_photo_post(App $a) { - if (!local_user()) { notice(L10n::t('Permission denied.') . EOL); return;
@@ -33,7 +32,7 @@ function profile_photo_post(App $a) check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); - if ((x($_POST, 'cropfinal')) && ($_POST['cropfinal'] == 1)) { + if (!empty($_POST['cropfinal']) && $_POST['cropfinal'] == 1) { // unless proven otherwise $is_default_profile = 1;
@@ -42,7 +41,10 @@ function profile_photo_post(App $a) $r = q("select id, `is-default` from profile where id = %d and uid = %d limit 1", intval($_REQUEST['profile']), intval(local_user()) ); - if (DBM::is_result($r) && (!intval($r[0]['is-default']))) $is_default_profile = 0; + + if (DBA::isResult($r) && (!intval($r[0]['is-default']))) { + $is_default_profile = 0; + } }
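Review bot: The rewritten guard at `@@ -33,7 +32,7 @@` still compares request input loosely: `$_POST['cropfinal'] == 1` also accepts other numeric-looking strings such as `01` or `1.0`. A strict string comparison states the intent exactly and makes the `!empty()` test unnecessary: `if (isset($_POST['cropfinal']) && $_POST['cropfinal'] === '1') {`. profile_photo_post() starts and ends outside this hunk, so confirm that the crop form posts exactly `1` before tightening the check.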
@@ -67,11 +69,11 @@ function profile_photo_post(App $a) $srcW = $_POST['xfinal'] - $srcX; $srcH = $_POST['yfinal'] - $srcY; - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id), - dbesc(local_user()), intval($scale)); - - if (DBM::is_result($r)) { + $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", DBA::escape($image_id), + DBA::escape(local_user()), intval($scale)); + $url = System::baseUrl() . '/profile/' . $a->user['nickname']; + if (DBA::isResult($r)) { $base_image = $r[0]; $Image = new Image($base_image['data'], $base_image['type']);
@@ -107,12 +109,12 @@ function profile_photo_post(App $a) if ($is_default_profile) { $r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", - dbesc($base_image['resource-id']), intval(local_user()) + DBA::escape($base_image['resource-id']), intval(local_user()) ); } else { $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", - dbesc(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-4.' . $Image->getExt()), - dbesc(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-5.' . $Image->getExt()), + DBA::escape(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-4.' . $Image->getExt()), + DBA::escape(System::baseUrl() . '/photo/' . $base_image['resource-id'] . '-5.' . $Image->getExt()), intval($_REQUEST['profile']), intval(local_user()) ); }
@@ -121,7 +123,6 @@ function profile_photo_post(App $a) info(L10n::t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL); // Update global directory in background - $url = System::baseUrl() . '/profile/' . $a->user['nickname']; if ($url && strlen(Config::get('system', 'directory'))) { Worker::add(PRIORITY_LOW, "Directory", $url); }
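Review bot: In the hunk at `@@ -67,11 +69,11 @@` the integer placeholder for `uid` is still fed by the string-escaping helper, `DBA::escape(local_user())`, while the other queries on this page pass `intval(local_user())` for the same column. An integer placeholder should get an integer cast, so that the argument's type does not depend on how q() formats `%d`: `DBA::escape($image_id), intval(local_user()), intval($scale));`. The crop offsets on the context lines (`$_POST['xfinal'] - $srcX`) also come straight from the request; any validation of them lies outside this hunk.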
@@ -132,7 +133,7 @@ function profile_photo_post(App $a) } } - goaway(System::baseUrl() . '/profiles'); + goaway($url); return; // NOTREACHED }
@@ -163,7 +164,9 @@ function profile_photo_post(App $a) $ph->orient($src); @unlink($src); - profile_photo_crop_ui_head($a, $ph); + + $imagecrop = profile_photo_crop_ui_head($a, $ph); + goaway(System::baseUrl() . '/profile_photo/use/' . $imagecrop['hash']); } function profile_photo_content(App $a)
@@ -182,26 +185,25 @@ function profile_photo_content(App $a) $imagecrop = []; - if ($a->argv[1] == 'use') { - if ($a->argc < 3) { - notice(L10n::t('Permission denied.') . EOL); - return; - }; - -// check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); + if (isset($a->argv[1]) && $a->argv[1] == 'use' && $a->argc >= 3) { + // check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); $resource_id = $a->argv[2]; //die(":".local_user()); $r = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' ORDER BY `scale` ASC", intval(local_user()), - dbesc($resource_id) + DBA::escape($resource_id) ); - if (!DBM::is_result($r)) { + + if (!DBA::isResult($r)) { notice(L10n::t('Permission denied.') . EOL); return; } + $havescale = false; foreach ($r as $rr) { - if ($rr['scale'] == 5) $havescale = true; + if ($rr['scale'] == 5) { + $havescale = true; + } } // set an already uloaded photo as profile photo
@@ -210,7 +212,7 @@ function profile_photo_content(App $a) $r = q("UPDATE `photo` SET `profile`=0 WHERE `profile`=1 AND `uid`=%d", intval(local_user())); $r = q("UPDATE `photo` SET `profile`=1 WHERE `uid` = %d AND `resource-id` = '%s'", intval(local_user()), - dbesc($resource_id) + DBA::escape($resource_id) ); Contact::updateSelfFromUserID(local_user(), true);
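Review bot: The redirect added at `@@ -163,7 +164,9 @@` is issued without checking that the upload was actually stored. As far as the hunks at `@@ -271,23 +272,23 @@` through `@@ -316,12 +317,11 @@` show, profile_photo_crop_ui_head() takes `$hash` from Photo::newResource() and returns it in `$imagecrop` whether or not Photo::store() succeeded, so a failed store would send the user to `/profile_photo/use/<hash>`, where the lookup finds no rows and answers 'Permission denied.'. Have the helper return an empty array when the first store fails and redirect only on success, e.g. `if (!empty($imagecrop['hash'])) { goaway(System::baseUrl() . '/profile_photo/use/' . $imagecrop['hash']); }`. The helper's failure branches are outside the visible hunks, so confirm it does not already exit early there.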
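Review bot: The `use` branch kept by `@@ -182,26 +185,25 @@` changes state on a plain GET while its only request-forgery check stays commented out (`// check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');`). The two UPDATE statements on `photo` in the following hunk run for a resource id taken from the URL, limited to the user's own photos by the `uid` filter, so a cross-site request made in a logged-in user's browser could switch their profile photo without their intent. Either move the switch behind the token-checked POST handler, or re-enable the check here and have every link and redirect to `/profile_photo/use/...`, including the one this commit adds, carry the token. The leftover `//die(":".local_user());` debug comment can be dropped at the same time.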
@@ -221,7 +223,7 @@ function profile_photo_content(App $a) Worker::add(PRIORITY_LOW, "Directory", $url); } - goaway(System::baseUrl() . '/profiles'); + goaway(System::baseUrl() . '/profile/' . $a->user['nickname']); return; // NOTREACHED } $ph = new Image($r[0]['data'], $r[0]['type']);
@@ -233,8 +235,7 @@ function profile_photo_content(App $a) intval(local_user()) ); - - if (!empty($imagecrop)) { + if (empty($imagecrop)) { $tpl = get_markup_template('profile_photo.tpl'); $o = replace_macros($tpl,
@@ -257,7 +258,7 @@ function profile_photo_content(App $a) $o = replace_macros($tpl, [ '$filename' => $filename, - '$profile' => intval($_REQUEST['profile']), + '$profile' => (isset($_REQUEST['profile']) ? intval($_REQUEST['profile']) : 0), '$resource' => $imagecrop['hash'] . '-' . $imagecrop['resolution'], '$image_url' => System::baseUrl() . '/photo/' . $filename, '$title' => L10n::t('Crop Image'),
@@ -271,23 +272,23 @@ function profile_photo_content(App $a) return; // NOTREACHED } -function profile_photo_crop_ui_head(App $a, Image $Image) +function profile_photo_crop_ui_head(App $a, Image $image) { $max_length = Config::get('system', 'max_image_length'); if (!$max_length) { $max_length = MAX_IMAGE_LENGTH; } if ($max_length > 0) { - $Image->scaleDown($max_length); + $image->scaleDown($max_length); } - $width = $Image->getWidth(); - $height = $Image->getHeight(); + $width = $image->getWidth(); + $height = $image->getHeight(); if ($width < 175 || $height < 175) { - $Image->scaleUp(200); - $width = $Image->getWidth(); - $height = $Image->getHeight(); + $image->scaleUp(200); + $width = $image->getWidth(); + $height = $image->getHeight(); } $hash = Photo::newResource();
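Review bot: The redirect target in `@@ -221,7 +223,7 @@` is rebuilt by hand although `$url` is already in scope on the context lines just above (`Worker::add(PRIORITY_LOW, "Directory", $url);`). If `$url` there holds the same profile URL that profile_photo_post() computes, `goaway($url);` keeps the two handlers consistent and leaves a single place to change. The assignment of `$url` is outside this hunk, so check its value before switching.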
@@ -296,7 +297,7 @@ function profile_photo_crop_ui_head(App $a, Image $Image) $smallest = 0; $filename = ''; - $r = Photo::store($Image, local_user(), 0, $hash, $filename, L10n::t('Profile Photos'), 0); + $r = Photo::store($image, local_user(), 0, $hash, $filename, L10n::t('Profile Photos'), 0); if ($r) { info(L10n::t('Image uploaded successfully.') . EOL);
@@ -305,8 +306,8 @@ function profile_photo_crop_ui_head(App $a, Image $Image) } if ($width > 640 || $height > 640) { - $Image->scaleDown(640); - $r = Photo::store($Image, local_user(), 0, $hash, $filename, L10n::t('Profile Photos'), 1); + $image->scaleDown(640); + $r = Photo::store($image, local_user(), 0, $hash, $filename, L10n::t('Profile Photos'), 1); if ($r === false) { notice(L10n::t('Image size reduction [%s] failed.', "640") . EOL);
@@ -316,12 +317,11 @@ function profile_photo_crop_ui_head(App $a, Image $Image) } $a->page['htmlhead'] .= replace_macros(get_markup_template("crophead.tpl"), []); - $a->page['end'] .= replace_macros(get_markup_template("cropend.tpl"), []); $imagecrop = [ 'hash' => $hash, 'resolution' => $smallest, - 'ext' => $Image->getExt(), + 'ext' => $image->getExt(), ]; return $imagecrop;